From 831e7e988642aceed9aea355ffeea9b1ee6059fc Mon Sep 17 00:00:00 2001 From: irinicd Date: Tue, 13 Aug 2019 09:20:15 +0000 Subject: [PATCH 1/2] Add support for Debian Stretch for mongo --- scripts/install_mongo.sh | 2 ++ scripts/install_mongodb_db9.sh | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100755 scripts/install_mongodb_db9.sh diff --git a/scripts/install_mongo.sh b/scripts/install_mongo.sh index 68c268cc..a107a3c3 100755 --- a/scripts/install_mongo.sh +++ b/scripts/install_mongo.sh @@ -14,6 +14,8 @@ if [ -f /etc/debian_version ]; then ./install_mongodb_ub16.sh elif [ "$(lsb_release -r -s)" == "18.04" ]; then ./install_mongodb_ub18.sh + elif [ "$(lsb_release -c -s)" == "stretch" ]; then + ./install_mongodb_db9.sh else echo -e "ERROR: Unknown OS\nExiting!" exit -1 diff --git a/scripts/install_mongodb_db9.sh b/scripts/install_mongodb_db9.sh new file mode 100755 index 00000000..2819b76c --- /dev/null +++ b/scripts/install_mongodb_db9.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# Install MongoDB for Debian 9 Stretch. + +set -e +set -x + +wget -qO - https://www.mongodb.org/static/pgp/server-4.0.asc | sudo apt-key add - + +echo "deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/4.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list + +apt-get update +apt-get install -y mongodb-org + +sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mongod.conf + +cat > /etc/systemd/system/mongodb.service < Date: Wed, 4 Sep 2019 13:24:50 +0000 Subject: [PATCH 2/2] Resolve IP country locally https://github.com/threatstream/mhn/pull/698 --- server/mhn/ui/utils.py | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/server/mhn/ui/utils.py b/server/mhn/ui/utils.py index f9dedcd7..89d48154 100644 --- a/server/mhn/ui/utils.py +++ b/server/mhn/ui/utils.py 
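Review bot: In the new scripts/install_mongodb_db9.sh, `sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mongod.conf` makes mongod listen on every interface, and none of the visible lines enable authentication or restrict port 27017. On an internet-facing honeypot management server the database would then be reachable without credentials unless something outside this script firewalls it. If mongod and the MHN server share a host, drop the sed line and keep the packaged `bindIp: 127.0.0.1`; if remote access is needed, set `security.authorization: enabled` in /etc/mongod.conf and limit the port to the hosts that need it. The pattern is also unanchored, so `.` matches any character and `g` rewrites every occurrence in the file; `s/^\( *bindIp:\).*/\1 127.0.0.1/` would touch only the intended key. The rest of the script (the systemd unit heredoc) is not visible on this page, so confirm none of this is handled there.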
@@ -7,10 +7,13 @@ import socket import struct from mhn.api.models import Sensor +import geoip2.database flag_cache = SimpleCache(threshold=1000, default_timeout=300) sensor_cache = SimpleCache(threshold=1000, default_timeout=300) +geoip2_reader = geoip2.database.Reader(MHN_SERVER_HOME+'/../../GeoLite2-City.mmdb') + def is_RFC1918_addr(ip): # 10.0.0.0 = 167772160 # 172.16.0.0 = 2886729728 @@ -30,14 +33,13 @@ def is_RFC1918_addr(ip): return False - def get_flag_ip(ipaddr): if is_RFC1918_addr(ipaddr): return constants.DEFAULT_FLAG_URL flag = flag_cache.get(ipaddr) if not flag: - flag = _get_flag_ip(ipaddr) + flag = _get_flag_ip_localdb(ipaddr) flag_cache.set(ipaddr, flag) return flag @@ -52,19 +54,35 @@ def get_sensor_name(sensor_id): print 'Name: %s' % sensor_name return sensor_name +def _get_flag_ip_localdb(ipaddr): + flag_path = '/static/img/flags-iso/shiny/64/{}.png' + try: + r = geoip2_reader.city(ipaddr) + ccode = r.country.iso_code + except Exception: + app.logger.warning("Could not determine flag for ip (LOCALDB): {}".format(ipaddr)) + return constants.DEFAULT_FLAG_URL + else: + # Constructs the flag source using country code + flag = flag_path.format(ccode.upper()) + if os.path.exists(MHN_SERVER_HOME +"/mhn"+flag): + return flag + else: + return constants.DEFAULT_FLAG_URL + def _get_flag_ip(ipaddr): """ Returns an static address where the flag is located. Defaults to static immge: '/static/img/unknown.png' """ flag_path = '/static/img/flags-iso/shiny/64/{}.png' - geo_api = 'https://geospray.threatstream.com/ip/{}' + geo_api = 'https://geospray.threatstream.com/ip/{}' try: # Using threatstream's geospray API to get # the country code for this IP address. r = requests.get(geo_api.format(ipaddr)) ccode = r.json()['countryCode'] - except Exception: + except Exception: app.logger.warning("Could not determine flag for ip: {}".format(ipaddr)) return constants.DEFAULT_FLAG_URL else:
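Review bot: `geoip2_reader` is opened at import time in the first utils.py hunk, so a missing or unreadable `GeoLite2-City.mmdb` raises while `mhn.ui.utils` is being imported and breaks every view that imports it, not just the flag lookup. Opening the reader lazily on first use, inside the `try` of `_get_flag_ip_localdb`, would let a missing database fall back to `constants.DEFAULT_FLAG_URL` like any other lookup failure. The commit does not show where the database file comes from or how it is refreshed, so a comment above the assignment would help, for example `# GeoLite2-City.mmdb must be installed two levels above MHN_SERVER_HOME and updated out of band`. `MHN_SERVER_HOME` is used here but its import is not visible in the hunk; presumably it is already in scope, which is worth confirming.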
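Review bot: In `_get_flag_ip_localdb`, `r.country.iso_code` can be `None` when the database has a record for the address but no country. The `else` branch then calls `ccode.upper()` outside the `try`, so an AttributeError reaches the caller instead of the default flag being returned. A guard at the top of the `else` branch covers it: `if not ccode: return constants.DEFAULT_FLAG_URL`. The broad `except Exception` also logs a corrupt or missing database the same way as an address that is simply absent from it; catching `geoip2.errors.AddressNotFoundError` separately would keep real failures distinguishable in the log. The new function has no docstring, and the old `_get_flag_ip` appears to lose its only visible caller in the previous hunk while still getting whitespace edits here, so either remove it or mark it as a kept fallback; its body continues outside the hunk.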